jed

Home » Archives » 08. June 2005

So here’s the deal

June 8, 2005

So you’re an opposition congressman and there
you are fiddling your thumbs, wondering what kind of dirt the President
has on you, what with her wiretapping expertise.
After all, you did spend a fortune on the last election, and you have
an expensive lifestyle to maintain, and there are these business
interests your family that depend on your political protection. Your
wife is looking to be a Congressman after your three terms are over.
You just can’t afford to lose your job.
What are you to do?

Hmmm.

I don’t normally help
people like you, but in this case I’ll make an exception. Because it’s
in the public’s interest. And because it is a cause that is dear to my
heart.

Here’s what you have to do:

1.Pass a bill to
approve VoiP now! The sooner you have VoIP services, the sooner you can
have end-to-end encryption on all your VoIP phone calls. This way, no
Telco can wiretap your phone. No ISAFP operative can listen in on your
phone conversation. Your ISP won’t know if that is you on their
network. And even if the ISP did suspect it was you, it would be
difficult - but not impossible to decrypt your conversation. Run, don’t
walk! Pass a VoIP bill now! (caveat - VoIP encryption can easily be
improved in the near future, as it’s all done in software, and PCs
today have enough CPU power to use bigger encryption keys)

2.
Break the Telco monopoly. Allow ISPs to become phone companies without
requiring a legislative franchise or an NTC franchise. Why? Because the
Telco will know it is YOUR house that they’ve installed DSL to. And
whatever encryption you put on your VoIP calls, the Telco will know if
a phone conversation is coming from your house (or office), and if they
are determined enough (or if your enemies are determined enough), they
will find a way to decrypt and record your conversations. What you need
to do is to be able to get your last mile service from other providers.
If there are enough small last-mile providers out there, then you’ll be
able to find a DSL provider whom you can trust. [Remember, as long as
your VoIP conversation does not go over a Network whom you do not trust
- then you are absolutely safe!]

3. Allow anyone to be a
Mobile Carrier. It’s a lot easier than you think. IP.Access makes a
picocell GSM/GPRS base station. So it’s possible to create your own GSM
phone company *using DSL lines*! This way you Congressman can have your
own GSM network! (And you’ll have true security as well - provided you
keep your switches in a secure location!) And the rest of us can have
cheap GSM service!

4. Reimburse Meralco for its use of the
Wifi frequency and open it up. This way you can do true end-to-end
encryption of a mobile conversation. VoIP over WIFI is still in its
infancy, but it is coming, and you can bet that it WILL BE HUGE! Once
anyone can set up Wifi base stations and offer VoIP over Wifi, you will
see a lot of people switching from GSM phones to WIFI-equipped PDASl
Why do you need Wifi? Because calling within your own Congressional GSM
network won’t suffice! You’ll need to call people outside your network.
And once the signal leaves your GSM network and enters PLDT’s network
it is UNENCRYPTED!

Remember - VoIP calls do not require the
signal to pass from one carrier that is interconnected with the other.
It stays encrypted all the way. So even if two parties are on different
VoIP networks (eg Vonage and FWD), they can still talk to each other
w/o the signal having to even pass through the Vonage “network” or the
FWD “network”.

Hope that helps!

Posted by jed at 10:22 pm | permalink | comments[2]

Wiretapgate

I’ve been watching the news about GMA “uncovering” a destabilization plot hatched against her. Supposedly the opposition had wiretapped a mobile phone conversation she had with Comelec Commissioner Virgilio Garcillano. In this conversation, GMA is heard to ask the Comelec Commissioner to see what he can do about bringing her winning margin (over FPJ) to 1 million. GMA claims the recording has been doctored, and produced her own copy of the original conversation. She even says that she changed her mobile phone number several times - precisely to avoid being wiretapped.

Here’s what really bothers me. If what she is saying is true, then how in the world did GMA get a hold of a recording of her original conversation with Garcillano? Was she recording all her conversations - ala John F Kennedy? That’s not possible - as she was using a mobile phone. I have yet to see a mobile phone with a built in recorder.

Did she have a device in her office to record all wireless conversations in the vicinity? That’s possible - but the GSM encryption code is very hard to crack, and requires a pretty expensive black box. I’m told the Israeli military has one such device - but it would be pretty absurd for GMA to use it. If she wants to record her conversation, all she has to do is to tell her caller to contact her on the Malacanang landline. It is far easier to record landline conversations.

Did someone in the opposition slip her a copy of the original “unforged” recording? First of all, I seriously doubt that someone plotting against GMA would be so negligent as to not destroy an original “unforged” recording. Secondly, this story in the Inquirer today says that “the Palace claims that it owned the original version of the President’s conversation”.

So where did the President get her recording? An ex-CIA operative once told me that ISAFP has about 30 lines connected to PLDT’s switches. With this, the AFP can listen in on virtually any phone conversation in PLDT’s network. (I have no doubt that ISAFP also has lines to Globe, Digitel, Sun, and all the other carriers). It is important to note that wiretapping today is very different from the way things were in “Mission Impossible”. Nowadays you wiretap with digital devices. It is certainly possible for a device to listen in on various phone conversations simultaneously, and identify the speakers (and then record the conversation). For this to happen, you need to have a huge database of audio recordings of people you wish to monitor. There are algorithms to analyze the frequency spectrum used by each speaker (z-transform, fourier transform, etc). There are algorithms to use this data to fingerprint and later ID the speaker. In fact, some stock brokerages today utilize this software. (eg - if the stock market is crashing and you can’t get through your broker, and automated attendant will ID you then let you enter you stock trade using touch-tone keys. Identification is done by having you say random words that the auto-attendant generates. eg say “five seven three one”.)

So it’s certainly possible for the President to have a device (at ISAFP) that records the conversations of all her “destabilizing elements”. The fact that the Comelec conversation occured over a year ago, indicates that she would also have to maintain archives of all these recordings. The fact that she was able to uncover this plot very early - with enough time to recover this old recording - probably indicates that she’s wiretapping Erap and associates this very minute.

The disk space consumed by such recording isn’t much. 8kbit/sec is enough to get a decent VoIP conversation, so a 2 minute conversation will occupy 120KB. If the average person GMA wants to monitor has 20 conversations/day, then that’s 2.4MB/day or 72MB/month. If she’s monitoring 200 people at any given time, then that’s 14.4Gig of disk space used up per month. It’s certainly doable.

If the recordings didn’t take place at ISAFP, they could also have taken place inside Globe or Smart. (As an aside, I wouldn’t be surprised if both Globe and Smart routinely record conversations of their enemies). While both companies have issued statements about how difficult it is to decrypt a GSM conversation, when they have neglected to tell you is that once the conversation enters their switches, it is no longer encrypted. It is only encrypted when the signal is travelling through the air.

Pretty interesting stuff!

Are there other alternative explanations? The only one i can think of - if she’s not engaging in wiretapping - is that her “original” recording is in fact doctored. It is not the opposition that doctored the recording. It is GMA herself who took the opposition’s recording and created a fake”original”. Either way - it’s pretty diabolical stuff!

Posted by jed at 9:14 pm | permalink | comments[3]

The great firewall of China

This is what happens when morons control the Internet. [China is requiring Websites to register with the authorities.]It’ll just push the chinese to register non-CN domain names, and patronize non-Chinese Webhosting companies. The government may initially be able to maintain a blacklist of sites, but as more and more free-speech sites and blogs come up, they won’t be able to maintain an updated list. The Internet is just too big - and it’s just not possible to keep track of what everyone says and thinks and figure out which blog is pro-government and which blog is anti-government. Pretty soon China will have to block international news sites such as cnn.com and bbc.co.uk; they may even have to black out the entire .TW domain! Later on, when the Govt sees that their plans aren’t working, then may choose to just maintain a whitelist of allowed sites, or black out entire segments of the internet. Then businesses will complain because they can’t stay competitive anymore. It’ll be interesting to see how long this lasts. I’ll bet THREE YEARS MAX!

Posted by jed at 7:43 pm | permalink | comments[2]

My Reply to Winthrop Yu on his PICS letter

I received an email today from Winthrop Yu of PICs. Apparently, Winthrop is writing the PICs paper that I talked about earlier. Since I am not a member of the PICS mailing list, I thought I’d post my comments here.

> [Joel]
> I was given the delegation for PH by Jon Postel in
> 1990 based on the fact that we were connected at
> that time to the Internet via uucp to UUNET, and
> I had the necessary Networking background, having
> worked on Macintosh Networking & Communications
> products in Santa Clara, CA for five years.

[WYn]
Thank you. My understanding is that EMC was not
connected to the (TCP/IP) Internet directly and
that there were others who were doing this at
the time, IIRC - some people at Clark (and/or Subic),
Obet Verzola, FEBC (the Far East Broadcasting Corp.),
etc.

Hello Winthrop. Actuallly, in 1989 the Internet was mostly uucp-based. There were many networks, but TCP was only starting to emerge as the dominant protocol. Apple was pushing Appletalk; IBM was pushing SNA; Novell was pushing IPX/SPX; Microsoft was using Netbeui; the Telcos were using X.25; the BBSes were using FTSC. It was only when the Mosaic browser came along in 1992 that the Internet gained steam, and hosts began to switch from uucp to TCP. UUCP connectivity was all that Jon Postel required of us in 1990.

The information you have on local connectivity in 1990 seems to be incorrect. Obet Verzola was using his own BBS, which - in 1990 - wasn’t connected to the Fidonet network, much less the Internet. (I believe Obet updated Andromeda later to support FTSC connections; Obet was one of the latter BBSes to connect to the local Fidonet network because he had written the code for Andromeda BBS, and thus had not put in support for the FTSC protocol). Bill English at Cubi Point ran his own BBS, but Bill would only dial the US to connect to the US Fidonet, and not the Internet. Jonathan Marsden of FEBC was also running FTSC - not uucp - to connect with another Christian BBS in the US (and later, in Korea). Jonathan’s group in the Philippines was receiving wire feeds which they would edit for “christian tastes” and re-transmit this to their Christian network in the US/Korea. It was much later - I think 1992 when the Christian BBS (in the US) connected to the Internet (using uucp, I might add).

> [Joel]
> DotPh is in full compliance with all ICANN
> regulations, especially RFC-1591.

[WYn]
Only RFC-1591? What about ICP-1 which is an
elaboration of RFC-1591

It is a bit complicated, but the ccTLDs generally regard ICP-1 as a document crafted by ICANN staff, and not approved via the ICANN process. Hence it doesn’t have the same status as RFC-1591.

> [Joel]
> Only a handful of ccTLDs have signed a contract
> with ICANN. …

[WYn]
Thank you, it’s good to clarify the fact that there
is no formal documentation of the current .ph domain
management and that this is something that simply
continues on a day-to-day basis.

I’m not sure what you are trying to suggest here. Our relationship with ICANN is exactly the same as DotHK’s, as InternetNZ’s or Nominet’s (UK) or DENIC’s (Germany) relationship. If you think we are running on a day-to-day basis, then you’ll have to conclude that the world’s largest ccTLD Registries (UK and DE) are day-to-day as well.

(more…)

Posted by jed at 6:51 pm | permalink | Add comment

Search

June 2005
M	T	W	T	F	S	S
« May		Jul »
	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30

About Me

My name is Joel Disini. I am the CEO of DotPH, the Domain Registry for the Philippines. I also run an ISP called EMC. I studied Electrical Engineering and Computer Science at Caltech. I worked for five years in the late 80s writing Macintosh Software for Tri-Data Systems in Sunnyvale, CA.